Jackrabbit provides an additional API for security and user management. This is about user & group (principal) management. See AccessControl on how to set permissions for users and groups.
API
As an example to check if a user is the admin user, use:
JackrabbitSession js = (JackrabbitSession) session; User user = ((User) js.getUserManager().getAuthorizable(session.getUserID())); boolean isAdmin = user.isAdmin();
Please note this algorithm can only be used if user management is supported.
--->>create users
session = (JackrabbitSession) session; final UserManager userManager = session.getUserManager(); final User user = userManager.createUser(userName, userName); session.save();
-->> remove user
session = (JackrabbitSession) session; final UserManager userManager = session.getUserManager(); final User user = (User) userManager.getAuthorizable(userName); user.remove(); session.save();
--->> fetch members from a group
final List<String> members = new ArrayList<String>();
final UserManager userManager = ((JackrabbitSession) session)
.getUserManager();
final Authorizable auth2 = userManager.getAuthorizable(groupName);
if (auth2.isGroup()) {
Group group = (Group) auth2;
Iterator<Authorizable> iter = group.getMembers();
while (iter.hasNext()) {
Authorizable auth = iter.next();
if (!auth.isGroup()) {
members.add(auth.getID());
}
}
-->> Retrieve all available users from the repo
final List<String> users = new ArrayList<String>();
final UserManager userManager = ((JackrabbitSession) session)
.getUserManager();
Iterator<Authorizable> iter = userManager.findAuthorizables(
"jcr:primaryType", "rep:User");
while (iter.hasNext()) {
Authorizable auth = iter.next();
if (!auth.isGroup()) {
users.add(auth.getID());
}
}
if (!userManager.isAutoSave()) {
session.save();
}
TODO
- list users
- change password
- etc.